www.bookingconfirmation.odishait.com Open in urlscan Pro
51.222.41.207 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.bookingconfirmation.odishait.com/
Submission: On December 05 via automatic, source certstream-suspicious (December 5th 2021, 3:21:05 pm UTC) — Scanned from CA

Summary HTTP 37 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 2 countries across 5 domains to perform 37 HTTP transactions. The main IP is 51.222.41.207, located in Beauharnois, Canada and belongs to OVH, FR. The main domain is www.bookingconfirmation.odishait.com.
TLS certificate: Issued by bookingconfirmation.odishait.com on December 4th 2021. Valid for: a year.

This is the only time www.bookingconfirmation.odishait.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	51.222.41.207 51.222.41.207	16276 (OVH) (OVH)
1 3	2607:f8b0:400... 2607:f8b0:4006:80e::200e	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:81d::200a	15169 (GOOGLE) (GOOGLE)
15	2607:f8b0:400... 2607:f8b0:4006:80d::2003	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:400... 2607:f8b0:4006:81c::2004	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:808::2001	15169 (GOOGLE) (GOOGLE)
8	2607:f8b0:400... 2607:f8b0:4006:823::2003	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80c::2003	15169 (GOOGLE) (GOOGLE)
37	9

1 51.222.41.207 (Beauharnois, Canada)

ASN16276 (OVH, FR)
PTR: server50.dnssecureserver.com

www.bookingconfirmation.odishait.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80e::200e (United States) 1 redirects

ASN15169 (GOOGLE, US)

docs.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81d::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2607:f8b0:4006:80d::2003 (United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:81c::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:808::2001 (United States)

ASN15169 (GOOGLE, US)

lh6.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4006:823::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80c::2003 (United States)

ASN15169 (GOOGLE, US)

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	gstatic.com www.gstatic.com fonts.gstatic.com ssl.gstatic.com	955 KB
9	google.com 1 redirects docs.google.com www.google.com	120 KB
3	googleapis.com fonts.googleapis.com	2 KB
1	googleusercontent.com lh6.googleusercontent.com	22 KB
1	odishait.com www.bookingconfirmation.odishait.com	348 B
37	5

	Domain	Requested by
15	www.gstatic.com	docs.google.com www.gstatic.com www.google.com
8	fonts.gstatic.com	fonts.googleapis.com
6	www.google.com	docs.google.com www.gstatic.com
3	fonts.googleapis.com	docs.google.com
3	docs.google.com	1 redirects www.bookingconfirmation.odishait.com www.gstatic.com
1	ssl.gstatic.com	www.gstatic.com
1	lh6.googleusercontent.com	docs.google.com
1	www.bookingconfirmation.odishait.com
37	8

This site contains no links.

Subject Issuer	Validity	Valid
bookingconfirmation.odishait.com bookingconfirmation.odishait.com	`2021-12-04` - `2022-12-04`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://www.bookingconfirmation.odishait.com/
Frame ID: 2C377890522980B996D24CA4DC5CACD6
Requests: 1 HTTP requests in this frame

Frame: https://docs.google.com/forms/d/1CTm8EnbwL9xMHvOdSHvCgZwIgNLsjiW9JdRllc0XxRA/viewform?edit_requested=true
Frame ID: AB5F71BFCF2A3F0CCDE4177A4C39C448
Requests: 22 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcJMyUUAAAAABOakew3hdiQ0dU8a21s-POW69KQ&co=aHR0cHM6Ly9kb2NzLmdvb2dsZS5jb206NDQz&hl=en&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=invisible&badge=inline&cb=u7smzjz7nkd9
Frame ID: EA85D1A2E12B40EF1FAAC186EE288557
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=_7Co1fh8iT2hcjvquYJ_3zSP&k=6LcJMyUUAAAAABOakew3hdiQ0dU8a21s-POW69KQ
Frame ID: 9C081E72BFEC18DCB89EAF9AD2F3EB12
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Booking Confirmation Customer:

Page Statistics

37
Requests

97 %
HTTPS

88 %
IPv6

5
Domains

8
Subdomains

9
IPs

2
Countries

1098 kB
Transfer

3034 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://docs.google.com/forms/d/1CTm8EnbwL9xMHvOdSHvCgZwIgNLsjiW9JdRllc0XxRA/edit HTTP 302
https://docs.google.com/forms/d/1CTm8EnbwL9xMHvOdSHvCgZwIgNLsjiW9JdRllc0XxRA/viewform?edit_requested=true

37 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.bookingconfirmation.odishait.com/ 225 B
348 B 182ms
46ms Document
text/html 51.222.41.207
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bookingconfirmation.odishait.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.222.41.207 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: server50.dnssecureserver.com
Software: LiteSpeed /
Resource Hash: 1beefd626d506b3deca8dbffbbe90eb9b251641a324e82a26493934ee8100af5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-CA,en;q=0.9

Response headers

vary: Accept-Encoding
content-type: text/html; charset=UTF-8
content-length: 204
content-encoding: gzip
date: Sun, 05 Dec 2021 15:21:00 GMT
server: LiteSpeed
alt-svc: quic=":443"; ma=2592000; v="35,39,43,44"

GET
H2

200

viewform Show response
docs.google.com/forms/d/1CTm8EnbwL9xMHvOdSHvCgZwIgNLsjiW9JdRllc0XxRA/ Frame AB5F
Redirect Chain

https://docs.google.com/forms/d/1CTm8EnbwL9xMHvOdSHvCgZwIgNLsjiW9JdRllc0XxRA/edit
https://docs.google.com/forms/d/1CTm8EnbwL9xMHvOdSHvCgZwIgNLsjiW9JdRllc0XxRA/viewform?edit_requested=true

181 KB
35 KB

136ms
136ms

Document
text/html

2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.google.com/forms/d/1CTm8EnbwL9xMHvOdSHvCgZwIgNLsjiW9JdRllc0XxRA/viewform?edit_requested=true

Requested by

Host: www.bookingconfirmation.odishait.com
URL: https://www.bookingconfirmation.odishait.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

87353bb8a4cb3b662048a67a778a8f5186bed7a38725bf561f4b567858fc916b

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self';object-src 'none';report-uri https://csp.withgoogle.com/csp/forms/prod;script-src 'report-sample' 'nonce-3LhIra0eQ3sfUT1DxK5Hug' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.bookingconfirmation.odishait.com/

Response headers

content-type: text/html; charset=utf-8
x-robots-tag: noindex, nofollow, nosnippet
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 05 Dec 2021 15:21:01 GMT
content-encoding: gzip
content-security-policy: base-uri 'self';object-src 'none';report-uri https://csp.withgoogle.com/csp/forms/prod;script-src 'report-sample' 'nonce-3LhIra0eQ3sfUT1DxK5Hug' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 05 Dec 2021 15:21:01 GMT
location: https://docs.google.com/forms/d/1CTm8EnbwL9xMHvOdSHvCgZwIgNLsjiW9JdRllc0XxRA/viewform?edit_requested=true
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-security-policy: base-uri 'self';object-src 'none';report-uri https://csp.withgoogle.com/csp/forms/prod;script-src 'report-sample' 'nonce-cYO2klqL9hbDAt1IsuMrhg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 240
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 icon
fonts.googleapis.com/ Frame AB5F 616 B
892 B 174ms
67ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons+Extended

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/1CTm8EnbwL9xMHvOdSHvCgZwIgNLsjiW9JdRllc0XxRA/viewform?edit_requested=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

07e86a231990ac1bf28b15c371252cc2ec302d247289b488a8968956053323e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 05 Dec 2021 15:21:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 05 Dec 2021 15:21:01 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 05 Dec 2021 15:21:01 GMT

GET
H2 200 rs=AMjVe6gCI6nkwQqKOsE5OVXXjIWYBp-ATQ
www.gstatic.com/_/freebird/_/ss/k=freebird.v.-44jiczr9udo2.L.W.O/d=1/ Frame AB5F 406 KB
50 KB 232ms
69ms Stylesheet
text/css 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/freebird/_/ss/k=freebird.v.-44jiczr9udo2.L.W.O/d=1/rs=AMjVe6gCI6nkwQqKOsE5OVXXjIWYBp-ATQ

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/1CTm8EnbwL9xMHvOdSHvCgZwIgNLsjiW9JdRllc0XxRA/viewform?edit_requested=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cfc02c425a36eab2ab7e2616df1fea9207cb37087e55b0cc9db861fc1bd414

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 04 Dec 2021 18:44:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74190
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-forms
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50931
x-xss-protection: 0
last-modified: Thu, 11 Nov 2021 19:30:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-forms"
vary: Accept-Encoding, Origin
report-to: {"group":"apps-forms","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-forms"}]}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 04 Dec 2022 18:44:31 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame AB5F 13 KB
1 KB 188ms
81ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google+Sans_old:400,500|Roboto:300,400,400i,500,700&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/1CTm8EnbwL9xMHvOdSHvCgZwIgNLsjiW9JdRllc0XxRA/viewform?edit_requested=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

87172bbb7a6dbab90eed6980f0227fce45be31f77c889a7792ce1b44b8744dbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 05 Dec 2021 13:40:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 05 Dec 2021 15:21:01 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 05 Dec 2021 15:21:01 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame AB5F 1 KB
530 B 189ms
82ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Product+Sans&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/1CTm8EnbwL9xMHvOdSHvCgZwIgNLsjiW9JdRllc0XxRA/viewform?edit_requested=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8815526f7d2667c75297c2094dace87a1aeb879f5f79e17195cd077a783b03c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 05 Dec 2021 13:41:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 05 Dec 2021 15:21:01 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 05 Dec 2021 15:21:01 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ Frame AB5F 1000 B
1 KB 178ms
56ms Script
text/javascript 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?trustedtypes=true

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/1CTm8EnbwL9xMHvOdSHvCgZwIgNLsjiW9JdRllc0XxRA/viewform?edit_requested=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7dba69037b140510c6cea5d1fa437c2a9f4028ada075f240aacc69b47aaf4769

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 15:21:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 638
x-xss-protection: 1; mode=block
expires: Sun, 05 Dec 2021 15:21:01 GMT

GET
H3 200 googlelogo_dark_clr_74x24px.svg
www.gstatic.com/images/branding/googlelogo/svg/ Frame AB5F 1 KB
714 B 96ms
41ms Image
image/svg+xml 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/googlelogo/svg/googlelogo_dark_clr_74x24px.svg

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/1CTm8EnbwL9xMHvOdSHvCgZwIgNLsjiW9JdRllc0XxRA/viewform?edit_requested=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4af84efe90891185d9b29a841181ca9d26d7560864ea47b6cd709d3b964aee3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 03 Dec 2021 19:49:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 156662
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 689
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/svg+xml
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 03 Dec 2022 19:49:59 GMT

GET
H2 200 m=viewer_base Show response
www.gstatic.com/_/freebird/_/js/k=freebird.v.en_CA.Sksy72FxlBY.O/d=1/rs=AMjVe6jjDwjjs6I1ENu6YLgltdQezd7Y6g/ Frame AB5F 331 KB
108 KB 101ms
101ms Script
text/javascript 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/freebird/_/js/k=freebird.v.en_CA.Sksy72FxlBY.O/d=1/rs=AMjVe6jjDwjjs6I1ENu6YLgltdQezd7Y6g/m=viewer_base

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/1CTm8EnbwL9xMHvOdSHvCgZwIgNLsjiW9JdRllc0XxRA/viewform?edit_requested=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47f9019272bdb86802d35d3591b0c7eef76a0c73935c836e47006bea87156bc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 18:51:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 505766
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-forms
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110658
x-xss-protection: 0
last-modified: Thu, 11 Nov 2021 19:30:58 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"apps-forms","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-forms"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="apps-forms"
expires: Tue, 29 Nov 2022 18:51:35 GMT

GET
H2 200 O8iUnuYwQhfDDBwpNFCGVnFFpefrccSNQr1SxrbKaJNMf4VDt5qkkh-koQeXHBkrbZG-4_isjYpBgw9AMOibM0OKnK5yEFiWiuQhNAsRKngt6LQjkGwhztXyfeLFvwjvlw=w828
lh6.googleusercontent.com/ Frame AB5F 22 KB
22 KB 415ms
267ms Image
image/jpeg 2607:f8b0:4006:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh6.googleusercontent.com/O8iUnuYwQhfDDBwpNFCGVnFFpefrccSNQr1SxrbKaJNMf4VDt5qkkh-koQeXHBkrbZG-4_isjYpBgw9AMOibM0OKnK5yEFiWiuQhNAsRKngt6LQjkGwhztXyfeLFvwjvlw=w828

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/1CTm8EnbwL9xMHvOdSHvCgZwIgNLsjiW9JdRllc0XxRA/viewform?edit_requested=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

78688961c758469af458530c1875f56279c41e05b1fd8b306929aa8445f390dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 15:21:02 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="AF1QipNwdJzD4ZI09HELpIFqaoB0P1u_o17qX6fq7Lsx=w828-h207.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22118
x-xss-protection: 0
expires: Mon, 06 Dec 2021 15:21:02 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame AB5F 15 KB
16 KB 121ms
29ms Font
font/woff2 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google+Sans_old:400,500|Roboto:300,400,400i,500,700&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://docs.google.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 16:23:56 GMT
x-content-type-options: nosniff
age: 428225
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 30 Nov 2022 16:23:56 GMT

GET
DATA 200
OK truncated
/ Frame AB5F 266 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame AB5F 2 KB
2 KB 78ms
40ms Image
image/png 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/freebird/_/ss/k=freebird.v.-44jiczr9udo2.L.W.O/d=1/rs=AMjVe6gCI6nkwQqKOsE5OVXXjIWYBp-ATQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gstatic.com/_/freebird/_/ss/k=freebird.v.-44jiczr9udo2.L.W.O/d=1/rs=AMjVe6gCI6nkwQqKOsE5OVXXjIWYBp-ATQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 04 Dec 2021 01:31:11 GMT
x-content-type-options: nosniff
age: 136190
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Sat, 11 Dec 2021 01:31:11 GMT

GET
H2 200 qp_sprite154.svg
ssl.gstatic.com/docs/forms/ Frame AB5F 115 KB
14 KB 179ms
45ms Image
image/svg+xml 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/docs/forms/qp_sprite154.svg

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/freebird/_/ss/k=freebird.v.-44jiczr9udo2.L.W.O/d=1/rs=AMjVe6gCI6nkwQqKOsE5OVXXjIWYBp-ATQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f515960b6c24cee30cfcaec3652938ad3fd8f0b21b19a17515d3770e78af2c6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gstatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 00:30:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53459
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/docs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13435
x-xss-protection: 0
last-modified: Fri, 15 Oct 2021 19:48:00 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"docs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/docs"}]}
content-type: image/svg+xml
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="docs"
expires: Mon, 05 Dec 2022 00:30:02 GMT

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame AB5F 21 KB
21 KB 142ms
54ms Font
font/woff2 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://docs.google.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 16:04:28 GMT
x-content-type-options: nosniff
age: 342993
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21716
x-xss-protection: 0
last-modified: Wed, 11 Nov 2020 20:26:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 01 Dec 2022 16:04:28 GMT

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame AB5F 21 KB
21 KB 161ms
74ms Font
font/woff2 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://docs.google.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 16:23:56 GMT
x-content-type-options: nosniff
age: 428225
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 30 Nov 2022 16:23:56 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame AB5F 15 KB
16 KB 131ms
45ms Font
font/woff2 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://docs.google.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 03 Dec 2021 01:28:42 GMT
x-content-type-options: nosniff
age: 222739
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 03 Dec 2022 01:28:42 GMT

GET
H2 200 pxiDypQkot1TnFhsFMOfGShVF9eO.woff2
fonts.gstatic.com/s/productsans/v13/ Frame AB5F 34 KB
34 KB 150ms
64ms Font
font/woff2 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/productsans/v13/pxiDypQkot1TnFhsFMOfGShVF9eO.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Product+Sans&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57243fd434e21b8aff3ac902f17e5a94e4a9e28412df169d0b1804ef25f5de43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://docs.google.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 04 Dec 2021 01:16:07 GMT
x-content-type-options: nosniff
age: 137094
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35140
x-xss-protection: 0
last-modified: Mon, 19 Apr 2021 22:53:52 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sun, 04 Dec 2022 01:16:07 GMT

GET
H3 200 m=MpJwZc,n73qwf,sy19,ws9Tlc,sy0,syy,syz,sy10,sy1,sy11,sy18,sy31,sy32,V3dDOb,sy2m,gkf10d,j2YlP,sy6,sy7,sya,sy8,sy1z,OShpD,syx,sy15,sy1a,sy12,sy1b,sy1m,sy3i,A4UTCb,sy2,owcnme,sy25,sy26,sy2r,sy2t,Sk9a... Show response
www.gstatic.com/_/freebird/_/js/k=freebird.v.en_CA.Sksy72FxlBY.O/d=0/rs=AMjVe6jjDwjjs6I1ENu6YLgltdQezd7Y6g/ Frame AB5F 469 KB
146 KB 114ms
70ms XHR
text/javascript 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/freebird/_/js/k=freebird.v.en_CA.Sksy72FxlBY.O/d=0/rs=AMjVe6jjDwjjs6I1ENu6YLgltdQezd7Y6g/m=MpJwZc,n73qwf,sy19,ws9Tlc,sy0,syy,syz,sy10,sy1,sy11,sy18,sy31,sy32,V3dDOb,sy2m,gkf10d,j2YlP,sy6,sy7,sya,sy8,sy1z,OShpD,syx,sy15,sy1a,sy12,sy1b,sy1m,sy3i,A4UTCb,sy2,owcnme,sy25,sy26,sy2r,sy2t,Sk9apb,J8mJTc,UUJqVe,CP1oW,sy20,sbHRWb,sy37,sy4n,cNHZjb,syg,syj,syh,sy1r,sy16,sy1s,sy2p,pxq3x,syv,sy2n,O6y8ed,sy38,sy39,sy3b,syb,sy3a,sy3c,Xhpexc,Q91hve,sy9,sy3,sy2v,sy2w,mRfQQ,sy3e,sy3d,CFa0o,sy3j,VXdfxd,syr,sy3k,sy4q,sy4r,YwHGTd,sy3s,sy3t,sy3q,sy3w,sy3r,sy3u,sy3x,sy3v,sy3y,sy3z,s39S4,sy1p,ENNBBf,L1AAkb,KUM7Z,QvB8bb,bCfhJc,sy2q,syc,u9ZRK,pItcJd,yZuGp,aW3pY,KFVhZe,sy2y,sy2z,sy30,I6YDgd,N5Lqpc,sy1g,sy1c,sy1h,sy1d,sy1i,sy1j,sy1t,sy1e,sy1f,sy1k,sy1l,sy1n,sy1o,sy1q,sy1u,fgj8Rb,sy5n,sy5o,sy5p,xQtZb,IvDHfc,sy3f,sy36,sy2o,i5dxUd,sy3g,sy3h,sy3l,sy35,wg1P6b,EcW08c,sy3m,sy3n,sy3o,t8tqF,sy14,p2tbsc,sy21,sy22,sy23,LxALBf,sy34,sy47,sy4d,vofJp,sy4h,SM1lmd,QwQO1b,WdhPgc,sy28,sy2b,QMSdQb,JCrucd,ok0nye,sy2a,xmYr4,sy1y,sy1w,sy2x,sy3p,sy43,sy4e,sy4f,sy40,sy44,sy4c,sy41,sy1v,sy4j,sy49,sy4a,sy4b,Iy5Qtc,hYei2d,sy4k,sy1x,sy45,sy46,sy48,pFu8T,TOfxwf,riEgMd,sy4i,RGrRJf,lSvzH,OkF2xb,oZECf,ID6c7,sy42,sy4o,sy4p,rmdjlf,A2m8uc,yUS4Lc,v4y9Mc,KOZzeb,rxfmRc,OZjhxc,lLliLe,liFoG,sy4g,oCiKKc,lWjoT,sW52Ae

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/freebird/_/js/k=freebird.v.en_CA.Sksy72FxlBY.O/d=1/rs=AMjVe6jjDwjjs6I1ENu6YLgltdQezd7Y6g/m=viewer_base

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a59acfc662ed79da4a8d1f6490f5c279af1e8f35747ddc334fafd55c49cd3d66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 15:21:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-forms
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 148966
x-xss-protection: 0
last-modified: Thu, 11 Nov 2021 19:30:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-forms"
vary: Accept-Encoding, Origin
report-to: {"group":"apps-forms","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-forms"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://docs.google.com
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 05 Dec 2022 15:21:01 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/ Frame AB5F 343 KB
134 KB 26ms
26ms Script
text/javascript 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?trustedtypes=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7511f403bc5d8cdd240bbdb02c5848775e0f89f6dd952e70675d22fd434e1b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 13:58:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4960
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 137335
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 05:04:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Mon, 05 Dec 2022 13:58:21 GMT

GET
H3 200 lazy.min.js Show response
www.gstatic.com/feedback/js/help/prod/service/ Frame AB5F 78 KB
28 KB 39ms
39ms Script
text/javascript 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/freebird/_/js/k=freebird.v.en_CA.Sksy72FxlBY.O/d=0/rs=AMjVe6jjDwjjs6I1ENu6YLgltdQezd7Y6g/m=MpJwZc,n73qwf,sy19,ws9Tlc,sy0,syy,syz,sy10,sy1,sy11,sy18,sy31,sy32,V3dDOb,sy2m,gkf10d,j2YlP,sy6,sy7,sya,sy8,sy1z,OShpD,syx,sy15,sy1a,sy12,sy1b,sy1m,sy3i,A4UTCb,sy2,owcnme,sy25,sy26,sy2r,sy2t,Sk9apb,J8mJTc,UUJqVe,CP1oW,sy20,sbHRWb,sy37,sy4n,cNHZjb,syg,syj,syh,sy1r,sy16,sy1s,sy2p,pxq3x,syv,sy2n,O6y8ed,sy38,sy39,sy3b,syb,sy3a,sy3c,Xhpexc,Q91hve,sy9,sy3,sy2v,sy2w,mRfQQ,sy3e,sy3d,CFa0o,sy3j,VXdfxd,syr,sy3k,sy4q,sy4r,YwHGTd,sy3s,sy3t,sy3q,sy3w,sy3r,sy3u,sy3x,sy3v,sy3y,sy3z,s39S4,sy1p,ENNBBf,L1AAkb,KUM7Z,QvB8bb,bCfhJc,sy2q,syc,u9ZRK,pItcJd,yZuGp,aW3pY,KFVhZe,sy2y,sy2z,sy30,I6YDgd,N5Lqpc,sy1g,sy1c,sy1h,sy1d,sy1i,sy1j,sy1t,sy1e,sy1f,sy1k,sy1l,sy1n,sy1o,sy1q,sy1u,fgj8Rb,sy5n,sy5o,sy5p,xQtZb,IvDHfc,sy3f,sy36,sy2o,i5dxUd,sy3g,sy3h,sy3l,sy35,wg1P6b,EcW08c,sy3m,sy3n,sy3o,t8tqF,sy14,p2tbsc,sy21,sy22,sy23,LxALBf,sy34,sy47,sy4d,vofJp,sy4h,SM1lmd,QwQO1b,WdhPgc,sy28,sy2b,QMSdQb,JCrucd,ok0nye,sy2a,xmYr4,sy1y,sy1w,sy2x,sy3p,sy43,sy4e,sy4f,sy40,sy44,sy4c,sy41,sy1v,sy4j,sy49,sy4a,sy4b,Iy5Qtc,hYei2d,sy4k,sy1x,sy45,sy46,sy48,pFu8T,TOfxwf,riEgMd,sy4i,RGrRJf,lSvzH,OkF2xb,oZECf,ID6c7,sy42,sy4o,sy4p,rmdjlf,A2m8uc,yUS4Lc,v4y9Mc,KOZzeb,rxfmRc,OZjhxc,lLliLe,liFoG,sy4g,oCiKKc,lWjoT,sW52Ae

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba8663e3d87b920403aa3ac32b4949a49ca03e296987e1373601d722e451e559

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 14:45:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2151
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/product-feedback-gathering
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28725
x-xss-protection: 0
last-modified: Thu, 02 Dec 2021 00:34:29 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="product-feedback-gathering"
vary: Accept-Encoding, Origin
report-to: {"group":"product-feedback-gathering","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/product-feedback-gathering"}]}
content-type: text/javascript
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Sun, 05 Dec 2021 15:35:11 GMT

GET
H3 200 m=SBlcU,rYNGv,sWGJ4b Show response
www.gstatic.com/_/freebird/_/js/k=freebird.v.en_CA.Sksy72FxlBY.O/d=0/rs=AMjVe6jjDwjjs6I1ENu6YLgltdQezd7Y6g/ Frame AB5F 2 KB
1 KB 39ms
39ms XHR
text/javascript 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/freebird/_/js/k=freebird.v.en_CA.Sksy72FxlBY.O/d=0/rs=AMjVe6jjDwjjs6I1ENu6YLgltdQezd7Y6g/m=SBlcU,rYNGv,sWGJ4b

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/freebird/_/js/k=freebird.v.en_CA.Sksy72FxlBY.O/d=1/rs=AMjVe6jjDwjjs6I1ENu6YLgltdQezd7Y6g/m=viewer_base

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6eeef2059211780000bedb6153d1afc48bd45dd3600b21a2cd8150f7684c6fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 18:55:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 505548
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-forms
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1115
x-xss-protection: 0
last-modified: Thu, 11 Nov 2021 19:30:58 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"apps-forms","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-forms"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://docs.google.com
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="apps-forms"
expires: Tue, 29 Nov 2022 18:55:14 GMT

POST
H3 204 naLogImpressions Show response
docs.google.com/forms/d/e/1FAIpQLSf4TBww9uKzisSjAj9Zqmdbt1WMtqsmn_6cmYHWAyvtPkQ5MA/ Frame AB5F 0
13 B 71ms
71ms XHR
text/plain 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.google.com/forms/d/e/1FAIpQLSf4TBww9uKzisSjAj9Zqmdbt1WMtqsmn_6cmYHWAyvtPkQ5MA/naLogImpressions

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/freebird/_/js/k=freebird.v.en_CA.Sksy72FxlBY.O/d=1/rs=AMjVe6jjDwjjs6I1ENu6YLgltdQezd7Y6g/m=viewer_base

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self';object-src 'none';report-uri https://csp.withgoogle.com/csp/forms/prod;script-src 'report-sample' 'nonce-Wvg77/SZcqbqRcqF44BfWA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'

Request headers

X-Same-Domain: 1
Referer: https://docs.google.com/forms/d/1CTm8EnbwL9xMHvOdSHvCgZwIgNLsjiW9JdRllc0XxRA/viewform?edit_requested=true
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 05 Dec 2021 15:21:02 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: base-uri 'self';object-src 'none';report-uri https://csp.withgoogle.com/csp/forms/prod;script-src 'report-sample' 'nonce-Wvg77/SZcqbqRcqF44BfWA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: GSE
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame EA85 40 KB
20 KB 115ms
67ms Document
text/html 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcJMyUUAAAAABOakew3hdiQ0dU8a21s-POW69KQ&co=aHR0cHM6Ly9kb2NzLmdvb2dsZS5jb206NDQz&hl=en&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=invisible&badge=inline&cb=u7smzjz7nkd9

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0d9421888e65905bbdb71cb12ae2bdc3e70cab194b818605cd98942b98b7f445

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-PGK3TTnEb9VGqrscMd6srA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://docs.google.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 05 Dec 2021 15:21:02 GMT
content-security-policy: script-src 'report-sample' 'nonce-PGK3TTnEb9VGqrscMd6srA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 20772
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/ Frame EA85 51 KB
24 KB 33ms
33ms Stylesheet
text/css 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcJMyUUAAAAABOakew3hdiQ0dU8a21s-POW69KQ&co=aHR0cHM6Ly9kb2NzLmdvb2dsZS5jb206NDQz&hl=en&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=invisible&badge=inline&cb=u7smzjz7nkd9

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

509bf9e83d3ca5add614196c02c8e0ce59731d3d1a10552c944b74d86019d866

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 17:22:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 424741
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24065
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 05:04:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Wed, 30 Nov 2022 17:22:01 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/ Frame EA85 343 KB
134 KB 40ms
40ms Script
text/javascript 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7511f403bc5d8cdd240bbdb02c5848775e0f89f6dd952e70675d22fd434e1b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 13:58:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4961
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 137335
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 05:04:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Mon, 05 Dec 2022 13:58:21 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame EA85 102 B
134 B 61ms
61ms Other
text/javascript 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=_7Co1fh8iT2hcjvquYJ_3zSP

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4e836cc5611e71fad7ca8b19324773a34afbad72550c012e50b83698262d6c50

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcJMyUUAAAAABOakew3hdiQ0dU8a21s-POW69KQ&co=aHR0cHM6Ly9kb2NzLmdvb2dsZS5jb206NDQz&hl=en&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=invisible&badge=inline&cb=u7smzjz7nkd9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 15:21:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Sun, 05 Dec 2021 15:21:02 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 9C08 7 KB
1 KB 58ms
58ms Document
text/html 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=_7Co1fh8iT2hcjvquYJ_3zSP&k=6LcJMyUUAAAAABOakew3hdiQ0dU8a21s-POW69KQ

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a60e701542d70ee9b06e960a174f025a87d4cfdd5d4a696291625d8a29a0e519

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Vn7RBnHS9JETs8ZQiPIM7w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://docs.google.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 05 Dec 2021 15:21:02 GMT
content-security-policy: script-src 'report-sample' 'nonce-Vn7RBnHS9JETs8ZQiPIM7w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1112
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/ Frame 9C08 51 KB
24 KB 21ms
21ms Stylesheet
text/css 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=_7Co1fh8iT2hcjvquYJ_3zSP&k=6LcJMyUUAAAAABOakew3hdiQ0dU8a21s-POW69KQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

509bf9e83d3ca5add614196c02c8e0ce59731d3d1a10552c944b74d86019d866

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 17:22:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 424741
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24065
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 05:04:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Wed, 30 Nov 2022 17:22:01 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/ Frame 9C08 343 KB
134 KB 23ms
23ms Script
text/javascript 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=_7Co1fh8iT2hcjvquYJ_3zSP&k=6LcJMyUUAAAAABOakew3hdiQ0dU8a21s-POW69KQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7511f403bc5d8cdd240bbdb02c5848775e0f89f6dd952e70675d22fd434e1b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 13:58:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4961
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 137335
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 05:04:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Mon, 05 Dec 2022 13:58:21 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame 9C08 36 KB
21 KB 77ms
76ms XHR
application/json 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LcJMyUUAAAAABOakew3hdiQ0dU8a21s-POW69KQ

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

dab313373cda884dfb0f641ab39f60c1857afcbd19acff145351056837d75dbd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=_7Co1fh8iT2hcjvquYJ_3zSP&k=6LcJMyUUAAAAABOakew3hdiQ0dU8a21s-POW69KQ
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Sun, 05 Dec 2021 15:21:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21643
x-xss-protection: 1; mode=block
expires: Sun, 05 Dec 2021 15:21:02 GMT

GET
H3 200 refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame 9C08 600 B
624 B 21ms
21ms Image
image/png 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/refresh_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 03 Dec 2021 19:22:08 GMT
x-content-type-options: nosniff
age: 158334
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 600
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Fri, 10 Dec 2021 19:22:08 GMT

GET
H3 200 audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame 9C08 530 B
554 B 22ms
21ms Image
image/png 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/audio_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 04 Dec 2021 01:09:05 GMT
x-content-type-options: nosniff
age: 137517
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 530
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Sat, 11 Dec 2021 01:09:05 GMT

GET
H3 200 info_2x.png
www.gstatic.com/recaptcha/api2/ Frame 9C08 665 B
689 B 22ms
21ms Image
image/png 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/info_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 22:53:43 GMT
x-content-type-options: nosniff
age: 491239
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 665
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Mon, 06 Dec 2021 22:53:43 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9C08 15 KB
15 KB 56ms
26ms Font
font/woff2 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 15:59:51 GMT
x-content-type-options: nosniff
age: 429671
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 30 Nov 2022 15:59:51 GMT

GET
H3 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9C08 15 KB
15 KB 68ms
37ms Font
font/woff2 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 22:51:38 GMT
x-content-type-options: nosniff
age: 491364
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15340
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 29 Nov 2022 22:51:38 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9C08 15 KB
15 KB 59ms
29ms Font
font/woff2 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 03 Dec 2021 12:21:15 GMT
x-content-type-options: nosniff
age: 183587
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 03 Dec 2022 12:21:15 GMT

GET
H3 200 payload
www.google.com/recaptcha/api2/ Frame 9C08 40 KB
40 KB 44ms
44ms Image
image/jpeg 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/recaptcha/api2/payload?p=06AGdBq275eeTfGeQu3oUtveZks5jzhSHZj-aKOUPqpqB-e5I36SH7tZTE-j2PvEAAsXywtEzelHnSBhTP45KaM63M4UjyrFPUFH0_PIuy2B08lNblZb3q2SHJnxAiO1Mb0oX5f9O7buZPxK8FVAkKyME_mJ4WCZ-7gqSjaT38zs2q11tR7uraA6m8mbL8YLXErSRqoCdDlgJwQzkdLkWQTbBQDdgf_Do2aQ&k=6LcJMyUUAAAAABOakew3hdiQ0dU8a21s-POW69KQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

932780edeb29f23dc40e36c95292c0c904e3740f84af709aa34cfba1ee1d037c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=_7Co1fh8iT2hcjvquYJ_3zSP&k=6LcJMyUUAAAAABOakew3hdiQ0dU8a21s-POW69KQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 15:21:02 GMT
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: private, max-age=30
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40993
x-xss-protection: 1; mode=block
expires: Sun, 05 Dec 2021 15:21:02 GMT

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.docs.google.com/forms/d/1CTm8EnbwL9xMHvOdSHvCgZwIgNLsjiW9JdRllc0XxRA	1970-01-19 23:12:01	Name: S Value: spreadsheet_forms=y3Amy_UM8UM0KaWtEFLiinYF0xJ5l77hfJtoFCEllqw
.docs.google.com/forms/d/1CTm8EnbwL9xMHvOdSHvCgZwIgNLsjiW9JdRllc0XxRA	1970-01-19 23:12:01	Name: COMPASS Value: spreadsheet_forms=CjIACWuJV0_CEG2v4ak7lLjO02HXam8oU6EP2Inli-cDy0Uh2_FEKhbNdMLAJD7avzhydRDtzbONBho0AAlriVeiCeePjxTB8FKLW1zjDo5-jdcVc861QWLYRvp7FeDf_btNc8sKEgHbcf4PSalt7w==
www.google.com/recaptcha	1970-01-20 03:31:09	Name: _GRECAPTCHA Value: 09ABBMTcOaIjkgp5lTmX3_sUOSu2U5TneoHtlvsX1y3lFhE6lAwtflu5sHqP_jodQ7DN3Qr8Uo1qeKpZRulpBIEqk
.google.com/	1970-01-20 03:35:28	Name: NID Value: 511=j2qDM2aJeJvNqrxpn77ra5un1gRQeVepOq6RGIyVtZoCh4XNwyafwh8XFz3YWWdPL5Y3mAQMhoNiMK8ene1fseUDu45ZhH3ILYDG8CBoASS2KARfs9oh9hr3a7fBrbZIGa0ZOTJtAC2udLFefo7_ak6w5av-touFfO5GsGJThk4

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

docs.google.com
fonts.googleapis.com
fonts.gstatic.com
lh6.googleusercontent.com
ssl.gstatic.com
www.bookingconfirmation.odishait.com
www.google.com
www.gstatic.com
2607:f8b0:4006:808::2001
2607:f8b0:4006:80c::2003
2607:f8b0:4006:80d::2003
2607:f8b0:4006:80e::200e
2607:f8b0:4006:81c::2004
2607:f8b0:4006:81d::200a
2607:f8b0:4006:823::2003
51.222.41.207
07e86a231990ac1bf28b15c371252cc2ec302d247289b488a8968956053323e3
0d9421888e65905bbdb71cb12ae2bdc3e70cab194b818605cd98942b98b7f445
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1beefd626d506b3deca8dbffbbe90eb9b251641a324e82a26493934ee8100af5
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
47f9019272bdb86802d35d3591b0c7eef76a0c73935c836e47006bea87156bc5
4e836cc5611e71fad7ca8b19324773a34afbad72550c012e50b83698262d6c50
509bf9e83d3ca5add614196c02c8e0ce59731d3d1a10552c944b74d86019d866
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
57243fd434e21b8aff3ac902f17e5a94e4a9e28412df169d0b1804ef25f5de43
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33
78688961c758469af458530c1875f56279c41e05b1fd8b306929aa8445f390dc
7dba69037b140510c6cea5d1fa437c2a9f4028ada075f240aacc69b47aaf4769
87172bbb7a6dbab90eed6980f0227fce45be31f77c889a7792ce1b44b8744dbd
87353bb8a4cb3b662048a67a778a8f5186bed7a38725bf561f4b567858fc916b
8815526f7d2667c75297c2094dace87a1aeb879f5f79e17195cd077a783b03c5
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
932780edeb29f23dc40e36c95292c0c904e3740f84af709aa34cfba1ee1d037c
a59acfc662ed79da4a8d1f6490f5c279af1e8f35747ddc334fafd55c49cd3d66
a60e701542d70ee9b06e960a174f025a87d4cfdd5d4a696291625d8a29a0e519
b6eeef2059211780000bedb6153d1afc48bd45dd3600b21a2cd8150f7684c6fe
ba8663e3d87b920403aa3ac32b4949a49ca03e296987e1373601d722e451e559
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d9cfc02c425a36eab2ab7e2616df1fea9207cb37087e55b0cc9db861fc1bd414
dab313373cda884dfb0f641ab39f60c1857afcbd19acff145351056837d75dbd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
f4af84efe90891185d9b29a841181ca9d26d7560864ea47b6cd709d3b964aee3
f515960b6c24cee30cfcaec3652938ad3fd8f0b21b19a17515d3770e78af2c6c
f7511f403bc5d8cdd240bbdb02c5848775e0f89f6dd952e70675d22fd434e1b4

www.bookingconfirmation.odishait.com Open in urlscan Pro 51.222.41.207 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

37 Requests

97 %HTTPS

88 %IPv6

5 Domains

8 Subdomains

9 IPs

2 Countries

1098 kBTransfer

3034 kBSize

4 Cookies

0 Outgoing links

Redirected requests

37 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.bookingconfirmation.odishait.com Open in urlscan Pro
51.222.41.207 Public Scan

Screenshot
Live screenshot

Full Image

37
Requests

97 %
HTTPS

88 %
IPv6

5
Domains

8
Subdomains

9
IPs

2
Countries

1098 kB
Transfer

3034 kB
Size

4
Cookies

37 HTTP transactions
1 data transactions